dropbear as ssh honeypot

Hans Harder hans at atbas.org
Fri Dec 1 02:47:32 AWST 2017

Hi Matt,

I was looking for a SSH honeypot... so I thought about adapting dropbear.

Seems to me it would be easy to disable any successfull logins by adapting
file svr_auth.c  with

/* Send a success message to the user, and set the "authdone" flag */
void send_msg_userauth_success() {

        send_msg_userauth_failure(0, 1);
... original code

Is it really that easy to prevent any logins like that or am I forgetting

I prefer dropbear besides all the other ssh honeypot implementations,
because I already use dropbear and I know the code....

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/attachments/20171130/737b8a6e/attachment.htm 

More information about the Dropbear mailing list